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Abstract 

We present a symmetric LDPC code with constant rate and constant distance (i.e. good 
LDPC code) that its constraint space is generated by the orbit of one constant weight constraint 
under a group action. Our construction provides the first symmetric LDPC good codes. This 
solves the main open problem raised by Kaufman and Wigderson in pQ. 

1 Introduction 

An (n,k, d)-code is a subspace C of F^ , where \X\ = n, of dimension k such that the (Hamming) 
weight of every vector ^ v € C is at least d. A code (or rather a family of codes, when n — > oo) 
is called good if there exists an e > such that r(C) = ^ (the rate) and 5(C) = ^ (normalized 
distance) are both at least e. For a code C C Fg we denote by C ± its dual (i.e. all vectors 
"orthogonal" to C) and we think of its vectors as the constraints defining the code (i.e. they define 
linear functionals on F^ whose common set of solutions is C). The code C is called LDPC if there 
exists a set of defining constraints of bounded weight. This bound is called the density of the code. 

The code C is said to be symmetric (w.r.t. H) if there exists a group H acting transitively on X 
such that the induced action on F^ preserves C. The code C is called single-orbit symmetric if in 
addition there exists v 6 C 1 - such that C 1 - is spanned by the orbit H ■ v (i.e. C is defined by the 
equation x ■ v = and its translations by H ) . We say that C is highly symmetric if furthermore the 
vector v can be chosen to have a bounded weight (which, in particular, implies that C is an LDPC). 
Many of the codes studied in coding theory are symmetric and even single-orbit symmetric (though 
not necessarily highly-symmetric), e.g., all the cyclic codes (see section [5]below). But, unfortunately 
cyclic codes do not tend to have the other desired good properties. For example, it is a long standing 
conjecture that there are no good cyclic codes. An old result of Berman from 1967 [2] proved it for 
infinitely many code lengths. In [lj Babai, Shpilka and Stefankovic show that cyclic good LDPC 
codes do not exist. 
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In [3J Kaufman and Wigderson initiated the study of highly symmetric LDPC codes. The reader 
is referred to their paper for motivation. The main question presented there is: "To what extent 
can symmetric LDPC codes attain (or even come close to) the coding theory gold 
standards of linear distance and constant rate?" 

The authors consider the tradeoff between 1/rate and the density in symmetric codes. In the codes 
known prior to their work, if one was constant then the other was worst possible. They constructed 
a symmetric code with better tradeoff between 1/rate and the density, namely a symmetric code 
with constant rate, nearly constant distance, whose density is poly logarithmic in the code length. 
Thus, their code satisfy some of the gold standards but not all. Moreover, they show that if the 
group H is abelian or solvable (of bounded derived length) there are no codes satisfying all the 
desired properties and expressed some skepticism if such codes exist at all. 

Our main result is on the optimistic side and give: 

Theorem 1 (main). There exist explicit highly symmetric LDPC good codes. 
So, our codes meet all the "gold standards" of coding theory. Our code C have: 

• Constant rate. 

• Constant relative distance. 

• Symmetric under a group action H. 

• The dual code C 1 - is generated by a single orbit H ■ v. 

• The above v can be chosen to have bounded weight. In particular, C is also LDPC. 

Our constructions are of Cayley codes, in the framework of [3], but with different groups and 
different generators. Cayley codes are defined in [3J as follows. Let G be a group of order m and 
S a symmetric (i.e. S = S^ 1 ) set of generators of order t. Let Cay(G,S) be the (right) Cayley 
graph of G w.r.t. S and E its set of edges. So \E\ = mt/2. Assume B C Ff is a linear code. 
Let C(G, S, B) be the linear subspace of Ff' containing all the functions / : E — > ¥2 such that for 
every g E G the "local view" of / at the star of g is in B, i.e. the function f g : S — >■ ¥2 given by 
fg( s ) ■= f{(.9,9s)) is in B. 

In general, Cayley codes are not symmetric. The group G acts transitively on the vertices of 
Cay(G,S) but not on its edges. The Cayley code is symmetric in the following situation. Let G 
be a group generated by a symmetric set S (i.e. S = S^ 1 ) and T a group acting on G (i.e., there 
exists a homomorphism ip : T — > Aut{G)). Assume that S is an orbit of the action, namely, there 
exists 7 £ G such that 

S = W(a)( 7 )\a€T}. 

In this case one can show, see Section [3j that the semi-direct product group H = G x T acts on 
Cay(G, S) and this action is transitive on the edges. 

Now, the group T acts on S and hence on Ff. If the "small code" B is preserved by T (i.e. B is 
symmetric w.r.t T), then H = G x T preserves C(G, S, B). Moreover, if B is single-orbit symmetric 
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(w.r.t. T), e.g., if T is a cyclic group and B is a cyclic code, then C(G,S,B) is also single-orbit 
symmetric, and in this case it is also automatically highly symmetric when \S\ is bounded. (See 
Section [3] below) . 

The following theorem (proved in [4] inspired by |13j and [32]), estimates the parameters of C = 
C(G, S, B) in terms of those of B and the eigenvalues of the graph Cay(G, S). 

Theorem 2. Let G,S,T,B as above, with B a code in Ff with rate r(B) and normalized distance 
5(B). Then C = C(G,S,B) is a code with r(C) > 2r(B) - 1 and 5(C) > [(6(B) - A)/(l - A)] 2 
where A = X(Cay(G, S)) is the second largest normalized eigenvalue of the Cayley graph Cay(G, S). 

Corollary 1. In the notations above; if r(B) > | and 5(B) > \(Cay(G, S)) then C(G, S, B) is 
a good code. If in addition B is single-orbit symmetric, then so is C = C(G,S,B). Hence, if 
\G\ — > oo and \S\ is bounded C is highly symmetric. 



The last corollary gives the framework to prove Theorem [TJ We will present first edge transitive 
Cayley graphs Cay(G, S) (where S is the orbit of a cyclic group T of a fixed size q + 1 acting on 
G, when |G| — > oo) with A = \(Cay(G, S)) sufficiently small. Secondly, we will find a cyclic code 
B C Ff with r(B) > ^ and 5(B) > A. The resulting C(G, S, B) will be highly symmetric and good 
by Corollary [TJ In particular it is also LDPC as it is defined by local equations (in fact the orbit of 
one equation under the group H = G x T) which touches at most q + 1 variables. So, Theorem [TJ 
will be proven once the two goals will be achieved. 

For the first mission let us recall that a finite q + 1-regular connected graph is called Ramanujan if 
for every normalized eigenvalue A either |A| = 1 or |A| < Such graphs where constructed in [7] 

for every prime p and for every prime power q = p in [10] . But we will make use of a more recent 
explicit construction of Ramanujan graphs by Lubotzky, Samuels and Vishne [9] which have some 
extra symmetry, and in particular are edge transitive. 

Theorem 3 (Edge Transitive Ramanujan graphs Theorem). For a prime power q and for a G N 
such that q a > 17, let G = PSL2(q a ) or G = PGL2(q a ) and let T be the non split tori of order 
q + 1 in PGL2(q). There exists 7 G G such that Cay(G,S) is a q + 1-Ramanujan graph with 
S = {tjf 1 ^ G T}, \S\ = q + 1, in particular, the graph Cay(G, S) is edge-transitive. The element 
7 will be explicitly defined in section^ In the case that G = PGL2(q a ) the graph Cay(G, S) is 
bi-partite. 



The above theorem will give us the desired Cayley graphs. For B we will make a very special 
choice. Assume now m > 10, q = 2 m+1 — 3 and assume that q is a prime power. For example, one 
can take m = 11, q = 4093 (so q is prime in this case). 

Theorem 4 (Good B Theorem). Let q G N be a prime power such that q + 1 = 2 m+1 — 2 = 2(2 m — 1) 
for m > 10. Then there exists an explicit linear binary cyclic code B C F^" 1 " 1 with r(B) > ^ and 

m > ^f. 

The proof of Theorem [J] will use standard methods of coding theory. The cyclic codes which are 
natural to be chosen to have the required rate and distance are BCH-codes. However, a little 
obstacle is caused by the fact that over F2, BCH codes are always of odd length, while for our 
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construction we need them to be of even length. This is overcome using a trick from |14| (see 
Section [5] for details). 

An interesting number theoretic problem is whether one can find infinitely many g's suitable for 
us. I.e. are there infinitely many r's for which 2 r+1 — 3 is a prime (power)? This is a question of 
the the same style of the famous Mersanne Primes Problem; Are there infinitely many primes of 
the form 2 m — 1? It seems that with the current knowledge we also do not know the answer even 
if we replace "primes" with "prime powers". Luckily, we need only one such q and 2 12 — 3 = 4093 
does the job for us! 

2 Notations and Conventions 

We start with some basic definitions that are being used throughout this work. 

2.1 Group theory definitions 

Definition 1 (Action of a group on a set, transitivity). An action of a group T on a set X is a 

group homomorphism <p : T — > Sym(X) that sends each element t to a permutation of the elements 
of X. Let x l denotes the action of t £ T on x G X. That is, an action should satisfy for every 
t, t' G T, x G X 

x a ' = {x*f 

The orbit of an element x G X is 

X T = { x *|t g T}. 

The action is called transitive if for some (and hence every) x G X , x T = X. 

Definition 2 (Action of a group on a group). An action of a group T on a group G is a group 
homomorphism : T — > Aut(G). Let g l = 4>t{g) denotes the action of t G T on g G G. 

Definition 3 (Semi-direct product group). Suppose a group T acts on a group G. The semidirect 
product G x T is a group whose elements are pairs (g, t) where g G G and t G T, and the product 
is given by: 

{gi,h) • {92, h) = {g\ ■ g^M ■ t 2 ). 

Note that with the identification of G as a subgroup {(g, 1)} of G X T, we have g l = tgt' 1 which 
respects the equality (g ) = g . 

2.2 Graph definitions 

Definition 4 (Cayley graph). Given a group G and a set of generators S C G (S = S~ l ), the 
Cayley graph Cay(G, S) is a graph, whose vertices are labeled by elements of G. The edges adjacent 
to g G G are (g, s), s G S and (g, s) = (gs, s^ 1 ). 
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Definition 5 (Edge-transitive graph). A graph Y = (V,E) is edge-transitive if Aut(Y) acts tran- 
sitively on the undirected edges. 

Here is a situation in which the Cayley graph is edge transitive. 

Definition 6 (Action of the semi-direct product group). Let G be a group and SCGs generating 
subset with S = S^ 1 . Let T be a group acting on G (as group automorphisms) and assume S is 
invariant under T (i.e. s T C S, for every s G S). The semi-direct product group GxT acts on the 
Cayley graph Cay(G,S) as graph automorphism as follows. For (g,t) G G x T, (g',s) G G x S. 

{g',s)^ t ) = {gg\s t ) 

We have the following properties that can be easily verified by direct calculations. 

• This is a well defined action, i.e. for (g\, t\), (52, £2) £ G XI T, (g',s) G (G x S), 

((g , s) i92 ' t2) ) i9utl) = ( 5 ',s) (9l ' tlH92 '* 2) . 

Note that the undirected edge (g',s) can be also presented as (g'sjS^ 1 ), and indeed: 
(g's^- 1 )^ = (gig's)*, is- 1 )*) = {gg'h 1 , (s*)- 1 ). 

which represents the same edge as (gg' t ,s t ) = (</, s)( ff '*). 

• This action is always transitive on the vertices, and if the action ofT on S is transitive then 
the action of G Xi T on Cay(G,S) is edge transitive. 

• This action when restricted to G (sitting as a subgroup {(g, l)\g G G} in G xi T) is the usual 
action of G on Cay(G,S) by multiplication from the left. 



3 Cayley Codes 

Definition 7 (Linear code, length, dimension, rate, distance). Let ¥ be a field and X a finite set. 
A linear code C C is a linear subspace. The orthogonal space to C is the dual-code C^. The 
length of the code C is \X\. The dimension of the code C is its dimension as a subspace. The rate 
of C, denoted by r(C), is the dimension of the code divided by its length. The weight of c G F^, 
denoted w(c), is the number of non-zero coordinates in c. The normalized distance of C , denoted 
d~(C), is the minimum weight of a non-zero codeword of C, divided by the length of C. 

Definition 8 (Symmetric and Highly Symmetric codes). Continuing with the notations of Defini- 
tion [7j- We say that a code C is symmetric ( or symmetric with respect to G) if there is a group G 
acting transitively on X such that C is invariant under the induced action of G on F . In such 
a case C 1 - is also invariant under G (since v ■ w 9 = v 9 ■ w for every g G G and v,w G ¥ x ). 
We say that C is single-orbit symmetric if there exists v G C 1 - such that the G-orbit v G C ¥ x 
of v spans C 1 - . A code C (or more precisely a family of codes C when \X\ — > 00) is said to be 
highly-symmetric if C 1 - is spanned by an orbit of v G where v is of bounded weight. 
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So, symmetric C means that "all variables" look the same, and it is also single-orbit symmetric if 
one equation defines C as a symmetric code. Many of the codes studied classically in coding theory 
are single-orbit symmetric. For example, all cyclic codes are such (see below and in Section [5]). Let 
us observe that the action of G on X, and hence on ¥ x , makes F^ into an F[G]-module, where 
¥[G] denotes the group algebra of G over F. If C is invariant under G, it simply means that C 
ia an F[G]-submodule. So, given the transitive action of G on X, symmetric codes in F"^ are the 
same as F[G]-submodules. Now, if C is a submodule, so is C^. The symmetric code/submodule 
C is single-orbit symmetric iff C ± is 1-generated submodule (also called cyclic submodule). Note 
that an F[G]-module M is 1-generated iff it is isomorphic to a quotient module of ¥[G] (as an ¥[G] 
module). 

As G acts transitively on X, X can be identified with the coset space G/H of some subgroup 
H of G and F^ = ¥ G / H is a quotient module of ¥ G = ¥[G], i.e., F^ is a cyclic module (namely 
1-generated). But here a word of warning is needed. In general an ¥[G] -submodule of a cyclic F[G]- 
module is not necessarily cyclic, which means that symmetric codes are not necessarily single-orbit 
symmetric. 

Here is a well known example. Let ¥ p be the field of prime order p and G a finite p-group. Let 
A be the augmentation ideal of F p [G], i.e., A = Ker(j) where j : ¥ P [G] — > ¥ p is defined by 
a g g) = Y2 a g (here a g S ¥ p and g £ G). Then A is a submodule (in fact, being the kernel of 
the homomorphism j, it is even a two sided ideal of the group algebra F p [(?]), and it is well known 
that its minimal number of generators is equal to d(G), the minimal number of generators of G as 
a group. Now, when G is not a cyclic group, d(G) > 2 which shows that if we take X = G,¥ p has 
C = A 1 - as a symmetric code which is not single-orbit symmetric (since its dual A = (A - * - )" 1 " is not 
cyclic). For more information about the number of generators of A, its powers and general (left) 
ideals of ¥ p [g] (which are exactly its submodules) see [H] - especially Section 5. 

On the other hand, if G is a finite cyclic group acting transitively on a set X and F an arbitrary 
field, then every submodule of F^ is cyclic. Indeed F"^ is a quotient of the group algebra ¥[G]. The 
last is isomorphic to F[t]/(t n — 1) with n = \G\, and hence it is a quotient of the polynomial ring 
¥[t], which is a principle ideal domain and each of its ideals is 1-generated. So, when G is a cyclic 
group all the codes which are symmetric w.r.t G are automatically single-orbit symmetric. These 
are the classical so called "cyclic codes" (see more in Section [5]). 

There is another situation where symmetric codes are automatically single-orbit symmetric; This is 
when the characteristic of the field F is prime to the order of G. In this case every ¥[G] submodule M 
of F"^ is also a quotient module (since every F[G]-module is semi-simple) and as F x is 1-generated 
so is M. 

In [3], Kaufman and Wigderson initiated the study of Cayley codes as a method to construct 
symmetric and highly symmetric codes. We will use this framework in order to construct constant 
rate, constant distance LDPC codes whose constraint space is generated by one constraint of 
constant weight. 

Definition 9 (Cayley code). Given a Cayley Graph Cay(G, S) and a linear code B C ¥ s of 
length \S\ = t define the linear Cayley code Cay(G, S, B) C F^l'l 5 !/ 2 as follows. Its coordinates 
are the \G\ ■ \S\/2 undirected edges of the graph Cay(G, S), namely the pairs {(g, Sj), (gsi, s^ 1 )} , 
g £ G,Si G S = {s\,--- ,st}. The defining linear constraints are the local constraints of B on the 
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edges incident to every vertex, namely 

c £ Cay(G, S, B) iff for every g £ G the following holds: 

• Vertex consistency: (c st w -in,-" ,c ( / w € B. 

J y {{9,si),{gsi,s 1 )}' ' {(g,st),(gs t ,s t )} > 

Assume T is a group acting on G and S is an orbit of T, i.e. there exists 7 £ G s.t. S = 7 T . 
Assume further that S = S" 1 . Let H = G x T. As in Definition El H acts on Cay(G, S) and this 
action is edge transitive. Let now B C ¥ s be a linear code, which is invariant under the action of 
T (which acts on S and hence on ¥ s ). It is straight forward now to check that C = C(G, S, B) is 
invariant under H (see also [1]). 

The following proposition now follows easily from the definition. 

Proposition 5. If B is single-orbit symmetric w.r.t T then C = C(G,S,B) is single-orbit sym- 
metric w.r.t H = G x T. Moreover, C 1 - is generated by the orbit of one vector of weight at most 
\S\. 



The second statement follows from the fact that each of the constraints defining C is "local" and 
touches only the variables associated with the edges around a single vertex. 

Before bringing the main theorem of this section, let us recall that if T is an r-regular graph of 
size m, then the eigenvalues of its adjacency matrix are r = Ao > Ai > • • • > A m _i > — r, and we 
denote A = A(r) = ~}~ the second normalized eigenvalue of T. 

The following theorem is proved in [3], Theorem 7. It summarizes Theorem [2] and Corollary Q] from 
the introduction. 

Theorem 6 (Detailed Cayley Codes Theorem). Let ¥ be a field. Let G and T be groups, such that 
T acts on G, S C G is an orbit for this action. Assume S = S^ 1 and S generates G. The action 
ofT on S induces an action on ¥ s . Let BCF S be a linear code invariant under T. Assume that: 

• Cay(G,S) is an expander with second normalized eigenvalue A. 

• Normalized distance of B is 5 > A. 

• Rate of B is greater than ^ (tb > \)- 

• B is T- single- orbit symmetric. 



Then the code C(G, S, B) C f' " 51 '/ 2 has constant rate at least 2r(B) — 1 and normalized distance at 
least [(5 — A)/(l — A)] 2 . It is invariant under the action of the semi-direct product group H = G xi T, 
and it is H- single- orbit symmetric. Moreover, C(G, S, B) is LDPC defined by constraints of weight 
equal to the one constraint defining B (under the T -action). 



7 



4 Edge Transitive Ramanujan Graphs 



In this section we prove Theorem [3l This is just a special case of a much more general result in [9 
but as the result there is so general, one may find it difficult to see the special case needed here, 
so we will review it here. In fact, the special case needed here has already been used in [6] for a 
different reason and was also explained there. We repeat the description for completeness and also 
in order to give the explicit description of the set of generators S, which amount to give an explicit 
description of 7 in the notations of Theorem [3j 

Let ¥ q and ¥ q 2 be the fields of order q and q 2 , say ¥ q 2 = ¥ q [a] where a 2 E ¥ q is not a square in ¥ q . 
Following the notations of [9], we denote by R the ring R = ¥ q [y, |, , i.e. the subring of the field 
of rational functions ¥ q (y) generated by y , and ^. Let A{R) be the four-dimensional i?-algebra 
with a basis l,a,z and az (i.e. it contains the commutative -R-subalgebra R[a] = ¥ q 2 [y, ^, j^] as 
a two-dimensional i?-module). The multiplication in A(R) is determined by the rules za = —az 
and z 2 = 1 + y. As I + y is central and invertible, z is invertible, in fact, z~ l = j^z. Denote 
b = 1 + z' 1 E A(R). 

Now, A(R) contains ¥ q [a] = ¥ q 2. For every u E F* 2 , we denote b u = ubu~ l . As F* is in the 

center of A(R), b u depends only on the coset of u in ¥* 2 /¥*. This gives 2-=± = q + 1 elements 

S = {b u I u E F* 2 /F*} of A(R)* , where for a ring D, we denote by D* the group of invertible 
elements. 

Let r be the subgroup of A(R)* generated by the 6 u 's and T will be its image in A(R)*/R*, generated 
by S = {b~ u /R* I b u E S}. For every ideal I < R, we get a map 717 : A(R)*/R* -> A(R/I)* /{R/If 
and we denote the intersection T n Ker(7r/) by r(I)-the congruence subgroup. If {0} I < i? is a 
prime ideal and i?// is a finite field of order q e , then A(R/I) (a quaternion algebra) is isomorphic 
to the 2 x 2 matrix algebra over ¥ q . (i.e. to M 2 (F (?e )) and so A(R / 1)* / (R / 1)* ~ PGL 2 {q e ). 

Theorem 6.2 of [9j says that for every {0} ^ I < R, the Cayley graph of T/T(I) w.r.t. the generators 
S (or more precisely the images of S in r/r(/)) is a (q + l)-regular Ramanujan graph. Along the 
way it is shown there that the set S is symmetric (i.e. s E S iff s _1 E S 1 ). 

Now if / is a prime ideal of R with R/I = ¥ q ^ } then T/r(J) is isomorphic to a subgroup of PGL2(q e ), 
and Theorem 6.6 of [9] shows that it contains PSL2(q e ). As the latter is a subgroup of index 2 in 
the first, T/T(I) can be either the first or the second. Moreover, we have enough choices: Theorem 
7.1 of [9] ensures that for q e > 17, one can choose I such that G = PSL>2(q e ) or G = PGL2(q e ) 
will be obtained. This depends on the image of b : if its image is in PSL2(q e ) then, as the latter 
is a normal subgroup of PGL2(q e ), all its conjugates {b u } are also in PSL2{q e ) and vice versa. If 
the image of b is not in PSL2(q e ), then the resulting graph is bipartite since PGL2{q e ) / P S L2{q e ) 
is a cyclic group of order 2, and as said before, all the generators are outside PSL2{q e ). As it is 
explained in Corollary 6.8 of [9], it all depends on the image of in R/I = F q e. If this image is a 
quadratic residue there, we will get PS , L 2 (g e ) and, if it is a non-quadratic residue, we get PGL 2 (q e ). 
The discussion in Section 7 of [9] shows that at least when q e > 17, there are sufficiently many 
irreducible polynomials in ¥ q [y] of degree e to have both possibilities. 

Finally, let us observe that since F* 2 normalizes S, the subgroup F* 2 of A(R)* normalizes T and 
hence also T(I), so F* 2 /F* also acts on T/T(I) and the image of S is the orbit of (the image of) 
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b there. Putting all this information together we see that Cay(T/T(I), S) = Cay(G,S) is the 
promised edge transitive Ramanujan graph. 

The above description of the results from [9j brings only what is needed for this paper. But let 
us say a few words about the bigger picture (see also Remark 3.6 of [6], but here we talk only on 
the case d = 2, i.e. trees and not general buildings): The group A(R)* /R* is a discrete cocompact 
lattice in A(¥ q ((y))f /¥ q ((y))* . The latter is isomorphic to K = PGL 2 (¥ q ((y))) and it acts on its 
Bruhat-Tits tree T, which is a (q + l)-regular tree. The element b £ K takes the initial point of the 
tree (the vertex xq corresponding to the lattice F g [[?/]] 2 ) to a vertex x\ of distance one from it. The 
group F* 2 /F* fixes xq and acts transitively on the q + 1 vertices adjacent to xq (which are in one 
to one correspondence with the projective line P 1 (F g ) on which indeed F* 2 /F* acts transitively!) 
The group T which is generated by the conjugates {b u } acts simply transitively on the vertices of 
T. This is a special one-dimensional case of a general result of Cartwright and Steger [3J. The 
Cayley graph of T with respect to {&«} can therefore be identified with T and hence the Cayley 
graph Cay(T/T(I),{b u }) is isomorphic to T/T(I). The fact that the last one is Ramanujan is a 
deep fact, which follows from the work of Drinfeld (see ([5], [10] and [8]). This is just as in the 
"old" Ramanujan graphs. The extra symmetry that we have in our case is due to the fact that T 
is normalized by F* 2 /F* which has order q + 1 and acts transitively on the q + 1 generators of V. 

5 Construction of cyclic codes with prescribed parameters 

To prove our main theorem, Theorem [IJ we will use Theorems [6] and [31 i.e. Cayley codes based on 
the edge transitive Ramanujan graphs constructed in Theorem [3j What is left is to construct the 
" small code" B of Theorem [6l This is what we do now. Specifically, we restate and prove a slightly 
extended version of Theorem HI 

Theorem 7 (Detailed Good B Theorem). Let q £ N be a prime power such that q + 1 = 2 m+1 — 2 = 
2(2 m — 1) for m > 10. For any constant a > 2, there exists an explicit linear binary cyclic code 
B C Fr5 +1 with r(B) > | + ~ > ^ and 5(B) > 2iog(q+i)(a/(a-2)) ' ^ n P ar ^cuZar ; a can be chosen 
such that r(B) > \ and 5(B) > (e.g. a>8). 

Theorem [7] can be deduced from known results in the literature but the requirement that the cyclic 
code is of even length (i.e. of length q + 1 for q being a prime power), makes it less routine. Thus, 
we provide a self contained proof for the existence of such codes. 

In the proof we will also review some of the known properties of cyclic codes. Recall, that a linear 
code C C ¥2 is called cyclic if for every (00, oi, • • • , a n -\) G C also (a n _i, ao, ai, • • ■ , an-2) £ C. To 
every vector (ao, 01, • • • , a n -i) 6 F?? we associate the polynomial Y17=o a i x% e ^2[x] and so we can 
identify FJ? with the subspace of polynomials of degree at most n — 1 in F2 [cc]. The latter can be also 
thought as the elements of the ring R = F2[x]/(x n — 1), i.e., F2[x] divided by the ideal generated 
by x n — 1. Now, if C is a cyclic linear code in FJ, it gives rise to a subspace of R which is invariant 
under multiplication by x, and hence also by its powers. As C is a subspace, it is invariant under 
multiplication by any element of R, i.e. C is an ideal in R. Conversely, every ideal of R gives a 
linear cyclic code in Now, Fa [a?] is a principle ideal domain and so is R. An ideal C in R is thus 
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uniquely denned by its generator h(x) which is a polynomial in F2[x] which divides x n — 1 (Since 
in F 2 [x], (h(x)) D (x n - 1)). 

Thus, we have a one to one correspondence between linear cyclic codes, ideals in R and divisors of 
x n — 1 in F2[x]. We can also deduce the following proposition 

Proposition 8. In the notation above, dim C = n — deg h(x). 



We now move to discuss properties of cyclic codes in FJ? for n = 2 m — 1 for some m G N. These 
are the most studied cyclic codes. Let E = F2™ be the field of order 2 m . Let w G E be a primitive 
element in E. Every a £ E* = E — {0} satisfies a n = 1. In fact, is exactly the set of all the roots 
of x n — 1. For a € E* denote m a (x) the minimal polynomial of a over F2, i.e., it is the polynomial 
of minimal degree in F2[x] satisfying m a (x) = 0. As a £ E, which is extension of degree m, we 
know that deg(m a (x)) < m. Also, we have m a (x)\x n — 1 since a is a root of x n — 1, and for every 
a G E* , m a (x) = m a 2(x). 

In general, it is not so easy to estimate the distance of the cyclic code C from its generating 
polynomial h(x). However, this is possible for the following special case that will be used for the 
proof of Theorem [3 For 1 < r < n, denote 

h r {x) = l.c.m{m w i(x)\l < i < r}. 

Since m a (x)\x n — 1, also h r (x)\x n — 1. As deg(m a (x)) < m, deg(h r (x)) < rm. In fact, for every 
a G E* , m a (x) = m a 2(x) and hence deg(h r (x)) < rm/2 (for r > 4). The polynomial h r {x) 
gives rise to an ideal (i.e. to a linear cyclic code) C r called the BCH(m, r) code. The following 
proposition provides bounds on the dimension and distance of the BCH(m, r) code. 

Proposition 9. The dimension of the BCH(m,r) code is at least n — mr/2 (for r > A), and its 
distance is at least r + 1 . 



Proof. As the generating polynomial of BCH(m,r) has degree at most rm/2 (for r > 4), we get 
the bound on the dimension of BCH(m,r) from Proposition [H For obtaining the bound on the 
distance of BCH(m, r), note that if the code had a codeword c of weight at most r, the polynomial 
associated with this codeword c(x) would be of the following form c(x) = c\x kl + 



+ c r x kr with 

k\ < ki < ■ ■ ■ < k r . As h r {x)\c{x) (since the generating polynomial divides every polynomial that 
is associated with a codeword of the code) we have that c{w t ) = for every i = 1, • • • ,r. This 
means 
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But the matrix of coefficients has determinant equal to Yii=i wki fi mes the determinant of the 



Vandermonde matrix of w 



,w r . Thus, it is not zero. This implies that c\ 



□ 
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We are now ready to prove Theorem [71 By Proposition [9] the BCH(m, r) code for r > 4 is a linear 
cyclic code of (odd) length n = 2 m — 1, dimension at least n — mr/2 and distance at least r + 1. 
Thus, if we take r = |_^r(l — §)J f° r some constant a > 2 we get that BCH(m, r) is a cyclic code of 
dimension at least n(l/2 + 1/a), i.e with rate at least 1/2 + 1/a. Moreover, this code has distance 
at least ^(1 — |), i.e. normalized distance at least m 

However, for our goal we need the final outcome B to be a cyclic linear code of (even) length 
q + 1 = 2 m+1 — 2 = 2(2 m — 1) = 2n over F2 (where q is a prime power). Using Lemma [TU1 we can 
transform the cyclic code BCH(m,r) of length n = 2 m — 1, described above, to a cyclic code B 
of length q + 1 = 2n, with the same rate as in BCH(m,r), that is, at least 1/2 + 1/a > 1/2, and 
a normalized distance that is half the normalized distance of BCH(m,r). Namely, a normalized 
distance which is at least £=2 > „ a 7 2 . Now if m > 10 and a > 8 

2ma 2a log q — — 

5(B) > > -ifi- > Vi. 

2ma 2a log q q + 1 

So if we choose m = 11 and q = 2 m+1 — 3 = 4093 all the requirements are satisfied and Theorem Q] 
is proved modulo the following lemma. 

Lemma 10 (A transformation of a cyclic code of odd length to a cyclic code of even length). // 
there exists a binary cyclic code C of (odd) length n = 2 m — 1, dimension k (i.e. rate k/n) and 
distance d (i.e. a normalized distance of d/n), then there exists a binary cyclic code B of (even) 
length 2n = 2(2 m — 1), dimension 2k (i.e. rate k/n) and distance d (i.e. a normalized distance of 
d/2n). Moreover, B is explicitly constructed from C. 

Proof. The following proof is essentially from p3j. We include it here for completeness. Let 
n = 2 m - 1 and N = 2n. Define a map 99 : F£ x F£ by: 

f(ao,ai,--- ,a n -i,b ,bi,--- ,6„-i) = (a ,b 1 ,a 2 ,b 3 , ■ ■ ■ , 6„_ 2) a n _i, 6 Q , ai, b 2 , ■ ■ ■ ,a n _ 2 ,&n-i)- 

Clearly cp is one to one linear map. Denote B = (p(C x C). Thus, dim(B) = 2k, and so the rate of B, 
r(B) satisfies r(B) = 2k/2n = k/n = r(C). It is also easy to see that the distance of B is the same 
as the distance of C i.e. d. This mean that the relative distance of B, 6(B) = d/2n = 5(C) /2. We 
only need to show that B is a cyclic code, i.e. that B is an ideal when considered as a subspace of 
the ring ¥2[x]/(x N — 1). We claim that B is the ideal generated by h?(x) where h(x) is the generator 
of CasanidealofF 2 [a:]/(x n -l). Note first that x N - 1 = x 2n -l = (x n -l)(x n + l) = (x n -l) 2 and 
hence h 2 (x)\x N — 1, since h(x)\x n — 1. Also, note that dim(B) = 2dim(C) = 2(n — deg(h(x))) = 
N — deg(h 2 (x)). Thus, it suffices to show that every element of C is divided by h 2 (x). For 
a(x), b(x) £ C write 

a(x) = ao + a\x + • • • + a n _ix n_1 

= (ao + a-2X 2 H 1- a n _ix n_1 ) + x(a\ + a 3 x 2 H h a n _ 2 x n ~ 3 ) 

— o ei , en (x ) + xa 0f i(] i (x ) 

Note that n is odd. Similarly b(x) = b even (x 2 ) + xb oc id(x 2 ). Then w(x) = (p(a(x),b(x)) can be 
written as 
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w(x) = (a even (x 2 ) + x n+1 a odd (x 2 )) + (xb odd (x 2 ) + x n b even (x 2 )) 
= (a(x) + x(x n + l)a odd (x 2 )) + (b(x) + (x 11 + l)b even {x 2 )) 

Both terms F(x) = (a(x) + x(x n + l)a odd (x 2 )) and G(x) = (b(x) + (x n + l)b even (x 2 )) are divisible 
by h(x), since h(x) divides a(x),b(x) and x n — 1 = x n + l. Also we have that F(x) = (a(x) + x(x n + 
l)o-odd(x 2 )) = (a even (x 2 ) + x n+1 a odd {x 2 )) contains only even powers of x, and G(x) = (b(x) + (x n + 
^)b e venix 2 )) = (xb odd (x 2 ) + x n b even (x 2 )) contains only odd powers of x. This implies that both 
terms are actually divisible by h 2 (x). Indeed, F(x) = f 2 (x) for some polynomial f(x) G ^2[x] and 
= xg 2 (x) for some polynomial g(x) £ F2^]. Now, h(x)\F(x) and h(x)\G(x), also, is not a 
root of and all the roots of h(x) are of multiplicity one (here we use the fact that n is odd). 
Thus, we deduce that h(x) divides f(x) and g(x), which implies that h 2 (x) divides F(x) and G(x) 
and hence w(x). 

□ 

In summary we have proved: 

Theorem 11 (A highly symmetric LDPC good code). Let q = 4093, a G N, G = PSL 2 (q a ) or 
G = PGL 2 (q a ), T the group T = ¥* 2 /¥* q < PGL 2 (q), 7 G G as in Section^ S = {tyt-^t G T}. 
Let B £ ¥ s be the code defined in Section^ with a > 8. Then C(G, S, B) is a linear code of rate 
at least -, normalized distance at least 

/ a-2 _ VI 
J 2a log q q+1 

1 _ VJ 

\ 1 9+1 

The code is symmetric with respect to the action of the semi direct product group G x T , and C 1 - 
is generated by the orbit of a single constraint of weight at most q + 1. In particular, for a — > 00, 
this is a family of highly symmetric LDPC good codes. 
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